On January 27th 2023 the chilean goverment CSIRT disclosed IOCs of a failed intrusion to an entity related with the economic sector in Chile. What was published corresponded to a hash (md5) and two IPv4 addresses. In this post we reviewed this data and try to get more information about the threat.
Continue readingDeobfuscating a Powershell payload of Cobalt Strike
